Freewater Technologies Certification Training
Freewater Technologies provides on-site and mobile training solutions to commercial and government entities. Many of the courses are 5-day and 10-day classes with a certification focused delivery as required by corporate and DoD workforce programs.
All courses are instructor-led classroom style. Each course will include the following:
- Authorized or Official Courseware
- Labs (when applicable to course)
- Exam prep (when applicable to course)
- Computer for each student during classroom hours
- Notebook, pens and highlighters
- Certificate of Completion
- Applicable Continuing Education program information
We offer courses that help Department of Defense (DoD) and Department of Homeland Security personnel comply with their Cyber Security Workforce (CSWF) certification requirements.
- Freewater Proprietary
- IT and Project Management
CLICK HERE for a list of our courses
Network Forensic Analysis (NFA)
The NFA course is a lab-intensive course designed for technicians involved with incident response, traffic analysis or security auditing. The certification exam is an actual practical lab requiring candidates to follow procedures and apply industry standard methods to detect and identify attacks.
NFA was designed to partner with courses like CEH (Certified Ethical Hacker) in order to provide experience detecting the attacks a student may have seen or read about in the past. NFA pre-requisites should include information obtained from an offensive hacking and countermeasures course.
NFA is a continuously evolving course, rarely repeating the exact same captures or attacks. Many courses update their curriculum only after a large period of time, perhaps even years. NFA is committed to using the most recent attacks that real-world analysts are currently experiencing. While certain “historical” attacks are discussed in the course, students will analyze captures of attacks that are as current as a few weeks. Freewater Technologies keeps the focus on cutting edge technology, providing students with tangible information that can immediately be applied to job skills.
Freewater’s proprietary course, REDSHELL, is designed to demonstrate the use of Windows PowerShell as a 100% offensive tool. To quote harmj0y, PowerShell is simply “Microsoft’s handy post-exploitation language” and there is no better way to put it. Designed as the answer to all things of Microsoft Scripting, like any administrative interface if it is used with a bit of creativity it becomes a dream to an offensive operator. Microsoft has created a language that is extremely easy to learn (even borrowing or improving on some of the best features of other scripting languages) that exposes all of the APIs within ANY version of Windows.
REDSHELL focuses on two main facts:
- Windows security suffers from a weak underbelly by relying on the “normal” user interface.
- PowerShell allows an operator to avoid detection by not introducing any foreign processes, allowing well-written code to avoid modern (and even future predicted) methods of detection.
Topics covered in REDSHELL
- Full AD enumeration with any low privilege account
- The ability to write to disk as well as calling the scripts without any trigger of antivirus
- Utilizing common web sites as the control channel for Command and Control
- Returning the response of a command via a GET request (not POST)
- The ability to rewrite every aspect of a covert channel
- Persistence from any trigger
- Blending in with behavioral analytics
- Using 3rd party APIs of Web Applications as a communication channel
- Implementing mass commands
- Maintaining invisibility without requiring an encrypted channel
- Establishing a framework for offensive activity
REDSHELL is designed as a weapon that transcends the commercial use of Penetration Testing. It belongs in the hands of National Security and is therefore not offered to personnel outside of DoD, DHS and Law Enforcement.
Network+ ensures an IT professional has the knowledge and skills to:
- Configure, manage, and maintain essential network devices
- Use devices such as switches and routers to segment network traffic
- Identify benefits and drawbacks of existing network configurations
- Implement network security, standards, and protocols
- Troubleshoot network problems
Security+ ensures a security professional has the knowledge and skills to:
- Detect types of compromise and understand pen testing and vulnerability scanning concepts
- Install, configure, and deploy network components while assessing and troubleshooting issues
- Install and configure identity and access services, as well as management controls
- Implement and summarize risk management best practices and the business impact
- Install and configure wireless security settings and implement public key infrastructure
CySA+ is for IT professionals looking to gain the following security analyst skills:
- Perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization.
- Configure and use threat-detection tools.
- Secure and protect applications and systems within an organization.
Linux+ ensures an IT professional has the knowledge and skills to:
- Configure kernel modules, network parameters, storage, cloud and virtualization technologies
- Manage software and services, and explain server roles, job scheduling and use of devices
- Understand best practices for permissions and authentication, firewalls, and file management.
- Analyze system properties and processes and troubleshoot user, application and hardware issues
- Execute basic BASH scripts, version control using Git, and orchestration processes
The CASP+ certification validates advanced-level competency in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security.
- Enterprise security to include operations, architecture concepts and techniques and requirements
- Analyzing risk through interpreting trend data and anticipating cyber defense needs
- Coverage of integrating cloud and virtualization technologies
- Inclusion of implementing cryptographic techniques, such as blockchain, cryptocurrency and mobile device encryption
Pentest+ ensures a penetration testing professional have the knowledge and skills to:
- Exploit network, wireless, application, and RF-based vulnerabilities, summarize physical security attacks, and perform post-exploitation techniques
- Conduct information gathering exercises with various tools and analyze output and basic scripts (limited to: Bash, Python, Ruby, PowerShell)
- Utilize report writing and handling best practices explaining recommended mitigation strategies for discovered vulnerabilities
CompTIA Cloud+ validates the skills you need to maintain and optimize cloud infrastructure services. It also:
- Covers the increased diversity of knowledge, skills and abilities required of system administrators to validate what is necessary to perform effectively in data center jobs.
- Views cloud-based infrastructure services as an increasingly important piece of an organization’s IT systems.
- Is the only vendor-neutral, performance-based certification covering more than a specific vendor or a single function — such as security or networking — to help you better realize the return on investment of cloud infrastructure services.
Implementing and Administering Cisco Solutions (CCNA)
This course gives you a broad range of fundamental knowledge for all IT careers. Through a combination of lecture, hands-on labs, and self-study, you will learn how to install, operate, configure, and verify basic IPv4 and IPv6 networks. The course covers configuring network components such as switches, routers, and wireless LAN controllers; managing network devices; and identifying basic security threats. The course also gives you a foundation in network programmability, automation, and software-defined networking.
Cisco Certified Network Professional Security (CCNP Security)
Achieving the CCNP Security certification proves your skills with security solutions. This exam tests your knowledge of implementing and operating core security technologies, including: Network security, Cloud security, Content security, Endpoint protection and detection, Secure network access, and Visibility and enforcement. To earn CCNP Security certification, you pass two exams: one that covers core security technologies and one security concentration exam of your choice, so you can customize your certification to your technical area of focus.
ECIH: Certified Incident Handler
ECIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident.
CND: Certified Network Defender
The Certified Network Defender (CND) certification program focuses on creating Network Administrators who are trained on protecting, detecting and responding to the threats on the network.
This course is designed by the EC-Council to prepare you to evaluate the security of information systems by training you how hackers attack. Designed to help you pass the CEH certification exam, this course includes: Password Cracking, Web Attacks, Trojan Viruses, Security Countermeasures.
CHFI: Certified Hacking Forensic Investigator CHFI
Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client’s systems, to tracing the originator of defamatory emails, to recovering signs of fraud.
ECSA: EC-Council Certified Security Analyst (Penetration Testing)
The ECSA penetration testing course provides you with a real-world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.
APT/LPT: Licensed Penetration Tester
This course is intended for people beginning to work with cloud-based solutions and services. Candidates will be able to demonstrate a fundamental knowledge of cloud concepts, as well as Azure services, workloads, security, privacy, pricing, and support. In addition, you will learn concepts of networking, storage, compute, application support, and application development.
Candidates for the Azure Administrator Associate certification will learn implementing, managing, and monitoring an organization’s Microsoft Azure environment. Responsibilities for this role include implementing, managing, and monitoring identity, governance, storage, compute, and virtual networks in a cloud environment, plus provision, size, monitor, and adjust resources, when needed.
Windows 10 and 365
In this course students develop skills that include learning how to install, customize, and update Windows 10 operating systems. Students will learn how to manage storage, files, and devices as well as how to configure network connectivity for Windows 10. Students will also learn how to secure the Windows 10 OS and protect the data on the device. Finally, students will learn how to manage and troubleshoot Windows 10.
MD – 101 (Managing Modern Desktops)
In this course students will learn how to plan and implement an operating system deployment strategy using modern deployment methods, as well as how to implement an update strategy. Students will also learn about methods for deployment and management of apps and browser-based applications. Students will be introduced to the key concepts of security in modern management including authentication, identities, access, and compliance policies. Students will be introduced to technologies such Azure Active Directory, Azure Information Protection and Windows Defender Advanced Threat Protection, as well as how to leverage them to protect devices and data.
Earning Windows Server 2016 certification qualifies you for a position as a network or computer systems administrator or as a computer network specialist, and it is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).
Windows Server 2019 is the operating system that bridges on-premises environments with Azure services enabling hybrid scenarios maximizing existing investments. Increase security and reduce business risk with multiple layers of protection built into the operating system. Windows Server 2019 also enables you to create cloud native and modernize traditional apps using containers and micro-services.
This course targets the needs of IT professionals who take part in evaluating, planning, deploying, and operating Microsoft Office 365 services, including its identities, dependencies, requirements, and supporting technologies. This course focuses on skills required to set up an Office 365 tenant, including federation with existing user identities, and skills required to sustain an Office 365 tenant and its users.
IT and Project Manangement
PMP: Project Management Professional
This course develops a foundation of concepts and solutions that supports the planning, scheduling, controlling, resource allocation, and performance measurement activities required for successful completion of a project.
CompTIA Project+ is ideal for professionals who need to manage smaller, less complex projects as part of their other job duties but still have foundational project management skills. Project+ is more versatile than other certifications because it covers essential project management concepts beyond the scope of just one methodology or framework.
CISSP: Certified Information Systems Security Professional
ITIL (Information Technology Infrastructure Library) Foundations
ITIL 4 Foundation candidates will have an understanding of the following:
- A holistic approach to the facilitation of co-creation of value with customers and other stakeholders in the form of products and services
- The guiding principles of ITIL 4
- The four dimensions of Service Management
- Key concepts from Lean, Agile, DevOps, and why these are important to deliver business value
- How ITIL practices described in ITIL 4 will maintain the value and importance provided by the current ITIL processes, whilst at the same time expand to be integrated to different areas of service management and IT, from demand to value.
ITIL Intermediate: Managing Professional
- ITIL Specialist: Create, Deliver, and Support
- ITIL Specialist: Drive Stakeholder Value
- ITIL Specialist: High Velocity IT
ITIL Intermediate: Strategic Leader